此内容尚未提供您的语言版本,正在以英文显示。

Burpsuite Project Parser

插件活跃

Search and extract data from Burp Suite project files (.burp) for security analysis

1 个 Skill 0 个 MCP

目的

To enable programmatic searching and extraction of security-relevant data from Burp Suite project files for detailed analysis and auditing.

功能

Search response headers and bodies with regex
Extract security audit findings
Dump proxy history and site map entries
Filter output for specific data components

使用场景

Analyze security vulnerabilities found by Burp Suite
Extract specific HTTP traffic patterns for further investigation
Automate the process of finding specific data within Burp project files
Integrate Burp Suite findings into broader security workflows

非目标

Directly parsing .burp files without Burp Suite Professional
Replacing the Burp Suite UI for full manual inspection
Performing active scanning or modifying Burp Suite's configuration

Documentation

warning:Configuration & parameter referenceThe README mentions optional `jq` but does not explicitly document its parameters or precedence. Environment variables like `BURP_JAVA` and `BURP_JAR` are mentioned but their usage and expected formats could be more explicit.

Scope

warning:Minimal I/O surfaceThe `responseBody` search operation is described as requiring truncation to 1000 characters, indicating a potential for large outputs if not strictly managed, and the `proxyHistory` and `siteMap` operations are explicitly discouraged for full dumps due to size.

Code Execution

warning:ValidationWhile the README provides guidance on filtering and output limits, there is no explicit mention or evidence of input validation libraries (like Zod or Pydantic) being used for arguments passed to the wrapper script.
info:Error HandlingThe README provides extensive guidance on output limits and handling large files, suggesting an awareness of potential issues, but does not detail specific error handling mechanisms for script failures or malformed inputs.

Portability

warning:Runtime stabilityThe README details platform-specific environment variables (`BURP_JAVA`, `BURP_JAR`) for macOS, Windows, and Linux, but assumes Burp Suite Professional is installed in specific default locations, which might not hold true for all users.

Errors

info:Actionable error messagesThe README provides extensive guidance on output limits and potential issues, suggesting how to avoid errors, but does not detail specific error messages or remediation steps for script failures.

安装

请先添加 Marketplace

/plugin marketplace add trailofbits/skills

/plugin install burpsuite-project-parser@trailofbits

包含 1 个扩展

Skill (1)

Burpsuite Project Parser 技能

Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit findings, dumping proxy history or site map data, or analyzing HTTP traffic captured in a Burp project.

质量评分

78 /100

about 23 hours ago 分析

信任信号

最近提交3 days ago

GitHub 所有者 trailofbits

星标5.2k

许可证CC-BY-SA-4.0

状态

查看源代码

类似扩展

Kaizen

Inspired by Japanese continuous improvement philosophy, Agile and Lean development practices. Introduces commands for analysis of root cause of issues and problems, including 5 Whys, Cause and Effect Analysis, and other techniques.

插件

NeoLabHQ

Skill Optimizer

分析和优化您的 Agent Skills (SKILL.md)，利用会话数据和经过研究支持的静态检查。兼容 Claude Code、Codex 以及任何兼容 Agent Skills 的代理。

插件

hqhq1025

X Twitter Scraper

X (Twitter) 实时数据平台技能，提供 REST API（100 多个端点）、MCP 服务器（2 个工具）和 Webhook。涵盖推文搜索、用户查找、时间线、提取、监控、赠品抽奖、积分、支持以及经过确认的私有读取、写入操作、Webhook、监控和按使用付费流程。每次调用读取价格为 $0.00015。

插件

Xquik-dev